Summary of the invention
The technical problem solved by the invention is to provide a method and a device for handling security functions during handover, so as to reduce air-interface signaling exchanges during security start-up.
An embodiment of the invention provides a method for handling security functions during handover, comprising the following steps:
The RNC determines that the UE needs to be handed over from GSM to TD-SCDMA;
The RNC sends a HANDOVER TO UTRAN COMMAND message to the UE via the CN and the BSS, and carries in this message the parameters the UE needs to start integrity protection.
An embodiment of the invention also provides a method for handling security functions during handover, comprising the following steps:
The UE determines whether the handover from GSM to TD-SCDMA succeeded;
On failure, the UE feeds back handover failure information to the RNC; on success, the UE feeds back to the RNC a HANDOVER TO UTRAN COMPLETE message carrying a Message authentication code, where the Message authentication code is determined from the parameters needed to start integrity protection that were carried in the HANDOVER TO UTRAN COMMAND message sent by the RNC.
An embodiment of the invention provides a radio network controller, comprising:
A handover decision module, used to determine that the UE needs to be handed over from GSM to TD-SCDMA;
A parameter carrying module, used to carry, in the HANDOVER TO UTRAN COMMAND message, the parameters the UE needs to start integrity protection;
A sending module, used to send the HANDOVER TO UTRAN COMMAND message to the UE via the CN and the BSS.
An embodiment of the invention provides a user equipment, comprising:
A handover determination module, used to determine whether the UE's handover from GSM to TD-SCDMA succeeded;
A parameter carrying module, used, when the handover succeeds, to carry a Message authentication code in the HANDOVER TO UTRAN COMPLETE message, where the Message authentication code is determined from the parameters needed to start integrity protection that were carried in the HANDOVER TO UTRAN COMMAND message sent by the RNC;
A feedback module, used to feed back handover failure information to the RNC when the handover fails, and to feed back to the RNC the HANDOVER TO UTRAN COMPLETE message carrying the Message authentication code when the handover succeeds.
The beneficial effects of the invention are as follows:
In the technical solution provided by the embodiments, when security functions are handled during handover, the RNC determines that the UE needs to be handed over from GSM to TD-SCDMA, then sends a HANDOVER TO UTRAN COMMAND message to the UE via the CN and the BSS, and carries in this message the parameters the UE needs to start integrity protection.
On failure, the UE feeds back handover failure information to the RNC; on success, the UE feeds back to the RNC a HANDOVER TO UTRAN COMPLETE message carrying a Message authentication code, where the Message authentication code is determined from the parameters needed to start integrity protection that were carried in the HANDOVER TO UTRAN COMMAND message sent by the RNC.
On the RNC side, Integrity protection mode info is added to the HANDOVER TO UTRAN COMMAND message, in place of the Security Mode Command message, to instruct the UE to start the integrity protection procedure.
On the UE side, the IE Integrity check info is added to the HANDOVER TO UTRAN COMPLETE message to indicate that the integrity protection procedure started successfully.
The changes to these two messages therefore reduce the two air-interface procedures needed to start security functions after a handover from the GSM system to UTRAN to a single air-interface procedure, and reduce air-interface signaling exchanges.
Embodiment
In the course of the invention, the inventor noticed the following:
After a handover from GSM to UTRAN, starting security requires two air-interface procedures, and the two security functions, ciphering and integrity protection, are not triggered simultaneously.
According to the existing protocol, when handing over from GSM to UTRAN, starting security involves two air-interface procedures: the handover procedure is performed first, and the security mode procedure is performed after the handover completes. This leads to the following deficiencies in the prior art:
The delay of the whole procedure is long, and there are many inter-node signaling exchanges. In addition, the two aspects of UTRAN-side security, ciphering and integrity protection, are carried out separately, with ciphering performed before integrity protection; yet in security start-up within an RNC and in relocation between RNCs, integrity protection and ciphering are performed synchronously. From the standpoint of both protocol description and implementation, separating these two associated functions is rather unreasonable.
In addition, if the subsequent security mode procedure fails, the RNC side will have ciphering active but integrity protection not started, which may cause a call drop.
In view of this, the technical solution provided in the embodiments enables the RNC, when handling a handover from GSM to the TD network, to implement ciphering and integrity protection at the same time. Specific embodiments of the invention are described below with reference to the accompanying drawings.
Fig. 2 is a flow diagram of the method for handling security functions during handover on the RNC side. As shown, it may comprise the following steps:
Step 201: the RNC determines that the UE needs to be handed over from GSM to TD-SCDMA;
Step 202: the RNC sends a HANDOVER TO UTRAN COMMAND message to the UE via the CN and the BSS, and carries in this message the parameters the UE needs to start integrity protection.
In implementation, the SECURITY MODE COMMAND message with which the RNC starts integrity protection can contain the following IEs (Information Elements):
Security capability, CN domain identity and Integrity protection mode info. Of these, Security capability is carried in the INTER RAT HANDOVER INFO within the ToTargetRNC-Container and is brought to the target RNC by the GSM system. CN domain identity is filled in as LATEST_CONFIGURED_CN_DOMAIN (the most recently configured core network domain), as the protocol requires.
The parameters needed to start integrity protection are filled into Integrity protection mode info. That is, the UE already knows the Security capability and CN domain identity information at this point, so only the information in Integrity protection mode info needs to be indicated by the RNC to the UE. Integrity protection mode info can therefore be added to the HANDOVER TO UTRAN COMMAND message to instruct the UE to start integrity protection, without using SECURITY MODE COMMAND. That is:
In a specific implementation, sending the HANDOVER TO UTRAN COMMAND message from the RNC to the UE via the CN and the BSS can comprise:
The RNC sends to the CN a Relocation Request ACK message carrying the HANDOVER TO UTRAN COMMAND message;
The CN sends to the BSS a Handover Command message carrying the HANDOVER TO UTRAN COMMAND message;
The BSS sends to the UE a Handover Command message carrying the HANDOVER TO UTRAN COMMAND message.
Specifically, carrying the parameters needed to start integrity protection in the HANDOVER TO UTRAN COMMAND message can be done by adding Integrity protection mode info to the HANDOVER TO UTRAN COMMAND message to indicate the parameters the UE needs to start integrity protection.
Integrity protection mode info can comprise:
Integrity protection mode command: set to Start;
Integrity protection algorithm: set to an algorithm supported in the UE's Security capability;
Integrity protection initialisation number: generated randomly by the RNC;
Downlink integrity protection activation info: absent.
A specific implementation is as follows.
Table 1
| Information Element/Group name | Need | Multi | Type and reference | Semantics description |
| Message Type | MP (mandatory present) | | Message Type | |
| UE information elements | | | | |
| Security capability | MP | | Security capability 10.3.3.37 | |
| Integrity protection mode info | OP (optional) | | Integrity protection mode info 10.3.3.19 | Only present if integrity protection shall be controlled |
| CN information elements | | | | |
| CN domain identity | MP | | CN domain identity 10.3.1.1 | Indicates which ciphering and integrity protection keys are applicable |
The content of Integrity protection mode info can be as follows:
Table 2
| Information Element/Group name | Need | Multi | Type and reference | Semantics description |
| Integrity protection mode command | MP | | Enumerated (start, modify) | |
| Downlink integrity protection activation info | CV-modify (conditional on value; depends on the value of Integrity protection mode command) | | Integrity protection activation info 10.3.3.17 | |
| Integrity protection algorithm | OP | | Integrity protection algorithm 10.3.3.18 | |
| Integrity protection initialisation number | CV-start | | Bit string(32) | FRESH [40]. The first/leftmost bit of the bit string contains the most significant bit of the FRESH. |
Specifically, Integrity protection mode info can be added to the HANDOVER TO UTRAN COMMAND message to indicate the integrity-protection parameters to the UE. In Integrity protection mode info, Integrity protection mode command is set to Start, Integrity protection algorithm is set to an algorithm supported in the UE's Security capability, Integrity protection initialisation number is generated randomly by the RNC, and Downlink integrity protection activation info is absent.
Table 3
| Information Element/Group name | Need | Multi | Type and reference | Semantics description | Version |
| New U-RNTI | MP | | U-RNTI Short 10.3.3.48 | | |
| Integrity protection mode info | OP | | Integrity protection mode info 10.3.3.19 | May be included when performing an inter-system handover from GSM to UTRAN | |
| Ciphering algorithm | OP | | Ciphering algorithm 10.3.3.4 | | |
| RNC support for change of UE capability | MP | | Boolean | | REL-7 |
| New H-RNTI | OP | | H-RNTI 10.3.3.14a | | REL-6 |
| New Primary E-RNTI | OP | | E-RNTI 10.3.3.10a | | REL-6 |
| New Secondary E-RNTI | OP | | E-RNTI 10.3.3.10a | FDD only | REL-6 |
| Specification mode information elements | | | | | REL-8 |
| Default configuration for CELL_FACH | OP | | Default configuration for CELL_FACH 10.3.4.0a | | REL-8 |
| CHOICE specification mode | MP | | | | |
| >Complete specification | | | | | |
| RB information elements | | | | | |
| >>Signalling RB information to setup list | MP | 1 to <maxSRBsetup> | | For each signalling radio bearer established | |
| >>RAB information to setup list | OP | 1 to <maxRABsetup> | | For each RAB established | |
| Uplink transport channels | | | | | |
| Downlink transport channels | | | | | |
| Uplink radio resources | | | | | |
| Downlink radio resources | | | | | |
| Frequency info | MP | | Frequency info 10.3.6.36 | | |
| Multi-frequency Info | OP | | Multi-frequency Info 10.3.6.39a | This IE is used for 1.28 Mcps TDD only | REL-7 |
| Maximum allowed UL TX power | MP | | Maximum allowed UL TX power 10.3.6.39 | | |
The above is the implementation on the RNC side; the implementation on the UE side is described below.
Although the description treats the UE side and the RNC side separately, this does not mean that the two must be implemented together. In fact, when the UE and the RNC are implemented separately, each solves the problem on its own side; when the two are used in combination, a better technical effect is obtained.
Fig. 3 is a flow diagram of the method for handling security functions during handover on the UE side. As shown, it may comprise the following steps:
Step 301: the UE determines whether the handover from GSM to TD-SCDMA succeeded;
Step 302: on failure, the UE feeds back handover failure information to the RNC; on success, the UE feeds back to the RNC a HANDOVER TO UTRAN COMPLETE message carrying a Message authentication code, where the Message authentication code is determined from the parameters needed to start integrity protection that were carried in the HANDOVER TO UTRAN COMMAND message sent by the RNC.
In implementation, the parameters needed to start integrity protection that the HANDOVER TO UTRAN COMMAND message carries can be the Integrity protection mode info added to the HANDOVER TO UTRAN COMMAND message to indicate the parameters the UE needs to start integrity protection.
In implementation, Integrity protection mode info can comprise:
Integrity protection mode command: set to Start;
Integrity protection algorithm: set to an algorithm supported in the UE's Security capability;
Integrity protection initialisation number: generated randomly by the RNC;
Downlink integrity protection activation info: absent.
In implementation, the HANDOVER TO UTRAN COMPLETE message can carry the Message authentication code in an added Integrity check info IE.
In a specific implementation, Integrity check info can be added to the HANDOVER TO UTRAN COMPLETE message to indicate that HANDOVER TO UTRAN COMPLETE is the first uplink message for which integrity protection is started.
The UE then uses the relevant parameters to calculate the Message authentication code and fills it into Integrity check info, and the RNC uses the corresponding parameters to calculate the Message authentication code it expects to receive in order to check the integrity of the signaling.
That is, the RNC side can further comprise:
After the RNC receives the handover failure information fed back by the UE, it handles the case as a UE handover failure;
After the RNC receives the HANDOVER TO UTRAN COMPLETE message carrying the Message authentication code fed back by the UE, the RNC determines a Message authentication code from the parameters needed to start integrity protection held on the RNC, and checks signaling integrity using this determined Message authentication code and the Message authentication code in the HANDOVER TO UTRAN COMPLETE message.
Specifically, Integrity protection mode info is used in the HANDOVER TO UTRAN COMMAND message to indicate the integrity-protection parameters to the UE. If the UE considers these configurations valid, it can return HANDOVER TO UTRAN COMPLETE to indicate handover success; in that case the UE uses the parameters in Integrity protection mode info to calculate the Message authentication code. Otherwise the UE sends a handover failure command to the BSC and can remain camped on the 2G network.
When the RNC receives HANDOVER TO UTRAN COMPLETE indicating that the UE handover succeeded, the RNC uses the parameters it sent to the UE to calculate the Message authentication code it expects to receive. If the RNC receives no response message, it considers the handover to have failed.
A specific implementation is as follows.
Table 4
| Information Element/Group name | Need | Multi | Type and reference | Semantics description |
| Message Type | MP | | Message Type | |
| UE Information elements | | | | |
| Integrity check info | CH (conditional on history; depends on the content of previous messages) | | Integrity check info 10.3.3.16 | |
| START list | CH | 1 to <maxCNdomains> | | START [40] values for all CN domains. |
| >CN domain identity | MP | | CN domain identity 10.3.1.1 | |
| >START | MP | | START 10.3.3.38 | |
| RB Information elements | | | | |
| COUNT-C activation time | OP | | Activation time 10.3.3.1 | Used for radio bearers mapped on RLC-TM. |
The contents of Integrity check info are as follows:
Table 5
| Information Element/Group name | Need | Multi | Type and reference | Semantics description |
| Message authentication code | MP | | Bit string (32) | MAC-I [40]. The first/leftmost bit of the bit string contains the most significant bit of the MAC-I. The 27 MSB of the IE shall be set to zero and the 5 LSB of the IE shall be set to the value of the IE "RB identity" for the used signalling radio bearer when the encoded RRC message is used as the MESSAGE parameter in the integrity protection algorithm. |
| RRC Message sequence number | MP | | Integer (0..15) | The local RRC hyper frame number (RRC HFN) is concatenated with the RRC message sequence number to form the input parameter COUNT-I for the integrity protection algorithm. The IE value shall be set to zero when the encoded RRC message is used as the MESSAGE parameter in the integrity protection algorithm. |
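The exchange described above, as an added example that is not part of the original patent text: the RNC fills Integrity protection mode info, the UE either rejects the configuration (and stays on GSM) or computes the MAC-I for HANDOVER TO UTRAN COMPLETE using the Table 5 rules for the MESSAGE parameter, and the RNC recomputes and compares it. Assumptions: the flat byte layout, function names and sample values are constructed, an integrity key IK is taken as already shared, and truncated HMAC-SHA-256 stands in for the real 3GPP f9 integrity algorithm; the 28-bit RRC HFN width and the DIRECTION input follow 3GPP TS 33.102 rather than this page.

```python
import hashlib
import hmac
import secrets
import struct

UE_SECURITY_CAPABILITY = {"UIA1"}   # constructed: integrity algorithms the UE supports
UPLINK = 0                          # DIRECTION input (UE to RNC), per TS 33.102


def rnc_build_ipmi(ue_security_capability):
    """RNC side: fill Integrity protection mode info as the text lists it."""
    return {
        "mode_command": "start",
        "algorithm": sorted(ue_security_capability)[0],
        "fresh": secrets.token_bytes(4),  # initialisation number: random, 32 bits
        # Downlink integrity protection activation info is deliberately absent.
    }


def mac_i(ik, count_i, fresh, direction, message):
    """32-bit MAC-I. Stand-in only: truncated HMAC-SHA-256, not the real f9."""
    data = struct.pack(">I", count_i) + fresh + bytes([direction]) + message
    return hmac.new(ik, data, hashlib.sha256).digest()[:4]


def message_parameter(rb_identity, body):
    """MESSAGE input per Table 5: MAC field = 27 zero MSBs + 5-bit RB identity,
    RRC message sequence number = 0. Hypothetical layout: MAC | SN | body."""
    if not 0 <= rb_identity <= 31:
        raise ValueError("RB identity must fit in 5 bits")
    return struct.pack(">I", rb_identity) + b"\x00" + body


def count_i_for(rrc_hfn, sn):
    """COUNT-I = RRC HFN (28 bits) concatenated with RRC SN (4 bits)."""
    if not (0 <= sn <= 15 and 0 <= rrc_hfn < 1 << 28):
        raise ValueError("RRC SN or HFN out of range")
    return (rrc_hfn << 4) | sn


def ue_handle_command(ipmi, ik, rrc_hfn, sn, rb_identity, body):
    """UE side: ('failure', None) keeps the UE on GSM; otherwise the encoded
    HANDOVER TO UTRAN COMPLETE with Integrity check info filled in."""
    valid = (
        ipmi is not None
        and ipmi.get("mode_command") == "start"
        and ipmi.get("algorithm") in UE_SECURITY_CAPABILITY
        and len(ipmi.get("fresh", b"")) == 4
    )
    if not valid:
        return "failure", None
    mac = mac_i(ik, count_i_for(rrc_hfn, sn), ipmi["fresh"], UPLINK,
                message_parameter(rb_identity, body))
    return "complete", mac + bytes([sn]) + body


def rnc_check_complete(encoded, ipmi, ik, rrc_hfn, rb_identity):
    """RNC side: recompute the expected MAC-I and compare in constant time."""
    if len(encoded) < 5 or encoded[4] > 15:
        return False
    received, sn, body = encoded[:4], encoded[4], encoded[5:]
    expected = mac_i(ik, count_i_for(rrc_hfn, sn), ipmi["fresh"], UPLINK,
                     message_parameter(rb_identity, body))
    return hmac.compare_digest(received, expected)


if __name__ == "__main__":
    ik = bytes(range(16))  # constructed integrity key
    ipmi = rnc_build_ipmi(UE_SECURITY_CAPABILITY)
    status, msg = ue_handle_command(ipmi, ik, 1, 0, 2, b"constructed-body")
    print(status, rnc_check_complete(msg, ipmi, ik, 1, 2))
    print(rnc_check_complete(msg[:-1] + b"X", ipmi, ik, 1, 2))
```

Because the MAC-I is only 32 bits, the check detects modified or mismatched signaling but relies on FRESH and COUNT-I changing to keep an old message from being accepted again.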
Based on the same inventive concept, the embodiments of the invention also provide an RNC and a user equipment. Because the principle by which these devices solve the problem is similar to the RNC-side and UE-side methods for handling security functions during handover, the implementation of these devices can refer to the implementation of the methods, and the overlapping parts are not repeated.
Fig. 4 is a structural diagram of the radio network controller. As shown, the RNC can comprise:
A handover decision module 401, used to determine that the UE needs to be handed over from GSM to TD-SCDMA;
A parameter carrying module 402, used to carry, in the HANDOVER TO UTRAN COMMAND message, the parameters the UE needs to start integrity protection;
A sending module 403, used to send the HANDOVER TO UTRAN COMMAND message to the UE via the CN and the BSS.
In implementation, the sending module can be further used to send to the CN a Relocation Request ACK message carrying the HANDOVER TO UTRAN COMMAND message.
In implementation, the parameter carrying module can be further used, when carrying the parameters needed to start integrity protection in the HANDOVER TO UTRAN COMMAND message, to add Integrity protection mode info to the HANDOVER TO UTRAN COMMAND message to indicate the parameters the UE needs to start integrity protection.
In implementation, the parameter carrying module can be further used to determine the options in Integrity protection mode info as follows:
Integrity protection mode command: set to Start;
Integrity protection algorithm: set to an algorithm supported in the UE's Security capability;
Integrity protection initialisation number: generated randomly by the RNC;
Downlink integrity protection activation info: absent.
In implementation, the RNC can further comprise:
A post-handover processing module 404, used, after receiving the handover failure information fed back by the UE, to handle the case as a UE handover failure; and, after receiving the HANDOVER TO UTRAN COMPLETE message carrying the Message authentication code fed back by the UE, to determine a Message authentication code from the parameters needed to start integrity protection held on the RNC, and to check signaling integrity using this determined Message authentication code and the Message authentication code in the HANDOVER TO UTRAN COMPLETE message.
Fig. 5 is a structural diagram of the user equipment. As shown, the UE can comprise:
A handover determination module 501, used to determine whether the UE's handover from GSM to TD-SCDMA succeeded;
A parameter carrying module 502, used, when the handover succeeds, to carry a Message authentication code in the HANDOVER TO UTRAN COMPLETE message, where the Message authentication code is determined from the parameters needed to start integrity protection that were carried in the HANDOVER TO UTRAN COMMAND message sent by the RNC;
A feedback module 503, used to feed back handover failure information to the RNC when the handover fails, and to feed back to the RNC the HANDOVER TO UTRAN COMPLETE message carrying the Message authentication code when the handover succeeds.
In implementation, the parameter carrying module can be further used to obtain the parameters the UE needs to start integrity protection from the Integrity protection mode info in the HANDOVER TO UTRAN COMMAND message sent by the RNC.
In implementation, the parameter carrying module can be further used to obtain the following options from Integrity protection mode info:
Integrity protection mode command: set to Start;
Integrity protection algorithm: set to an algorithm supported in the UE's Security capability;
Integrity protection initialisation number: generated randomly by the RNC;
Downlink integrity protection activation info: absent.
In implementation, the parameter carrying module can be further used to carry the Message authentication code in the Integrity check info added to the HANDOVER TO UTRAN COMPLETE message.
For convenience of description, the parts of the device above are described separately as modules or units divided by function. Of course, when implementing the invention, the functions of the modules or units can be realized in one or more pieces of software or hardware.
As can be seen from the above embodiments, on the RNC side, Integrity protection mode info is added to the HANDOVER TO UTRAN COMMAND message, in place of the Security Mode Command message, to instruct the UE to start the integrity protection procedure.
On the UE side, the IE Integrity check info is added to the HANDOVER TO UTRAN COMPLETE message to indicate that the integrity protection procedure started successfully.
The changes to these two messages reduce the two air-interface procedures needed to start security functions after a handover from the GSM system to UTRAN to a single air-interface procedure.
Further, if the integrity configuration cannot be successfully applied by the UE, the UE can return a handover failure on the GSM side and can remain camped on the GSM system. This avoids a possible call drop caused by an integrity protection configuration failure after the UE has been handed over to UTRAN, and improves user satisfaction.
As can be seen, the processing flow and implementation of the technical solution provided by the embodiments are simple; compared with the existing protocol scheme, this solution can shorten processing delay, reduce air-interface exchanges, save air-interface resources and reduce dropped calls.
Those skilled in the art should understand that embodiments of the invention can be provided as a method, a system or a computer program product. The invention can therefore take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. The invention can also take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM and optical storage) containing computer-usable program code.
The invention is described with reference to flow charts and/or block diagrams of the method, device (system) and computer program product according to the embodiments. It should be understood that each flow and/or block in the flow charts and/or block diagrams, and combinations of flows and/or blocks in them, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of a flow chart and/or one or more blocks of a block diagram.
These computer program instructions can also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to work in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more flows of a flow chart and/or one or more blocks of a block diagram.
These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of a flow chart and/or one or more blocks of a block diagram.
Although preferred embodiments of the invention have been described, those skilled in the art can make other changes and modifications to these embodiments once they grasp the basic inventive concept. The appended claims are therefore intended to be interpreted as covering the preferred embodiments and all changes and modifications that fall within the scope of the invention.
Obviously, those skilled in the art can make various changes and variations to the invention without departing from its spirit and scope. Thus, if these modifications and variations fall within the scope of the claims of the invention and their technical equivalents, the invention is also intended to cover them.